Quick and dirty, make access dependent on a cookie manually installed on that PC.

That'll not be a good idea. This is a system for employees, yet needs to accessed online only by an admin.
Security is important. Cant depend on manual cookie installation. Needs to be hack proof.

Nothing connected to the Internet is hack proof.

How about installing the application directly on the designated PC. Then use remote access technology for the Admin?

On a Windoze client, you could perhaps look at

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\MachineGuid

Obfuscate the value, i.e. using a timer and the client's ip address, and transfer that value over SSL

Nothing is fool proof though, especially not when you have people with physical access to your client PC.

I think the intended architecture is all wrong. You are trying to put square pegs in round holes.

I agree with Bill. This should be a client app which communicates with the server using web services.

The only way I can think of is to open an SSH connection between the PC/touchscreen and the server. The web connection is then tunneled over the SSH connection to the web server. The web server should only listen to port 127.0.0.1 and the browser on the PC/touchscreen also connects to 127.0.0.1 on the local computer. The local SSH client and the remote SSHD server catch the requests for the local port 80 and tunnel it to the remote site.

Such a setup is tricky to firewall on the touchscreen PC, because users on the same local network as the touchscreen may be able to connect to the port 80 if it isn't blocked for access via the IP address of the network interface.